EU Data Protection – Change is Coming

The new EU data protection law is getting ever closer. The clock is ticking, with major changes on the horizon relating to the way businesses will be allowed to collect, hold, store and use personal data.

New EU Regulation – what will change?

The changes to the law fall into two main areas

Responsibility and Accountability …

… which will require organisations to demonstrate stringent data governance and robust data protection policies, procedures, processes and training, starting with the Board.

Marketing …

… which will impact consent (which must be obtained fairly, and be unambiguous and explicit), and will impose restrictions around tracking and profiling.

You’ll find more information about the upcoming DPA changes in relation to marketing and accountability in the guest blog I wrote for All Response Media.

When will the new EU Regulation become Law?

This has been the subject of much discussion. Justice and Home Affairs Ministers agreed amendments to the Commission Text in June, and three-way negotiations are now taking place between the EC, Parliament and Justice and Home Affairs Ministers.

It is expected that this process will be completed by December 2015, in which case the Regulation will be passed in Brussels in early 2016, and become UK law in late 2017 / early 2018.

So why do I need to start now?

While it may seem that a couple of years is plenty of time to get ready, failing to react until the big shake-up actually arrives is likely to cause chaos and confusion throughout all areas of your business.

Responsibility and accountability for the new legal requirements around data protection must lie with the Board in order to be embedded throughout all areas of the business – from sales and marketing to IT, HR to Customer Services. With that in mind, and given the huge emphasis on accountability and governance, preparation and planning are essential, and businesses need to start looking at their data governance, compliance and security measures right now.

How can Data Compliant help?

The protection of the personal data your company holds needs to be of paramount importance – it will no longer be acceptable to fall short in terms of accountability, or responsibility, or to rely on loopholes in the current legislation. So please get in touch if you you would like to discuss the implications of the new legislation, and to understand your obligations around data governance, security and compliance. Have a look at our website, call 01787 277742, or email victoria@datacompliant.co.uk